RE: Add Internal DSL Network

• From: "Kevin S. Malinowski" <Kevin@xxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Thu, 7 Mar 2002 16:53:00 -0700

Hi, Amy.

The missing information now seems to be your Gateways. I will take these 
guesses:

Based on my diagram
The gateway for R1 is 10.0.0.1
The gateway for R2 is 200.0.0.1

This being the case, you will need to add a route to R1 telling it where to use 
200.0.0.2 as the gateway going to the 100.0.0.0 segment.

One thing I would also suggest is to use 2 segments that are not routable on 
the internet. Such as 172.16.0.0 subnet mask 255.255.0.0 and 172.17.0.0 subnet 
mask 255.255.0.0 instead of the 100.0.0.0 and 200.0.0.0 ranges. This will help 
with security, as those two networks can exist on the public side of your ISA 
box, and if a request comes from one of those networks, it is treated as if it 
came from the inside.

HTH
Kevin

-----Original Message-----
From: Amy Babinchak [mailto:amy@xxxxxxxxxxxxxxxxxxxxxxxxxx]
Sent: Thursday, March 07, 2002 4:34 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Add Internal DSL Network


http://www.ISAserver.org


Thanks Kevin. I haven't added the 200 network to the LAT. I will give
that a try but I didn't think that the 200 part was getting out of the
router. These are configured as routers and I'm not using NAT on them.

Amy Babinchak
Technology Consultant


-----Original Message-----
From: Kevin S. Malinowski [mailto:Kevin@xxxxxxxxxx] 
Sent: Thursday, March 07, 2002 4:32 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Add Internal DSL Network

http://www.ISAserver.org


Hi, Amy.

A couple of things right off the top. Both the 200 segment and 100
segment need to be in the LAT on the ISA server, also you said that
these are DSL routers are they running in the default NAT configuration
or are they configured as routers? If they are configured as routers,
they may also need routes added to their routing tables. 

Other than the LAT, I don't believe ISA is causing any issues.

Kevin

-----Original Message-----
From: Amy Babinchak [mailto:amy@xxxxxxxxxxxxxxxxxxxxxxxxxx]
Sent: Thursday, March 07, 2002 8:45 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Add Internal DSL Network


http://www.ISAserver.org


Kevin,

I added to your diagram below.

The persistent route is route -p add 100.0.0.0 mask 255.255.255.0
10.0.0.20 metric 1. We only have one server. It's an MS Small Business
Server 2000. I added the route to this server.

The problem seems to be that Router #2 can't see any of the computers on
the 10.0.0. network. Now that I'm starting to relook at this problem I'm
now thinking that it is not an ISA problem but rather something amiss
with the configuration of router #2. 


Thanks for the help,

Amy Babinchak
Technology Consultant


-----Original Message-----
From: Kevin S. Malinowski [mailto:Kevin@xxxxxxxxxx] 
Sent: Tuesday, March 05, 2002 7:46 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Add Internet DSL Network

http://www.ISAserver.org


Amy,

Can you elaborate a little on the setup.

For instance, The internal nic on the ISA server has an IP of 10.0.0.1
subnet mask is...?

You have two routers, you only give one IP address per router, the
picture is not complete.

 ----                       ----                     ----
|    |10.0.0.1/24          |    |200.0.0.1/c          |    |100.0.0.1/24
|ISA |---------------------| R1 |-------------------| R2 |------------
|    |        10.0.0.20/24 |    |         200.0.0.2/c |    |
 ----                       ----                     ----


Also, what are the gateways you have assigned to each subnet and what is
the persistent route you added to the server (and which server? The ISA
server?).



Kevin Malinowski
-----Original Message-----
From: Amy [mailto:amy@xxxxxxxxxxxxxxxxxxxxxxxxxx]
Sent: Tuesday, March 05, 2002 11:47 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Add Internet DSL Network


http://www.ISAserver.org


I have installed Internal DSL routers in my network. The purpose of
these
routers is to extend our network beyond the 300 foot ethernet limit to
reach the far ends of our facility.

The internal network is 10.0.0.1
The near router is 10.0.0.20
The far router is 100.0.0.1
Each router can ping the other.
The 10.0.0.20 router can ping the workstations on 100.0.0.1 and
workstations can ping the 10.0.0.20 router.

The problem is that the workstations on the 100.0.0. network can not
ping
any workstations on the 10.0.0. nor does the reverse work. I think that
the ISA server is getting in the way.

I did add a persistant route to the server for 100.0.0.0 and I added
100.0.0.0 to the LAT. What else do I need to do to allow the 100.0.0.
workstations to comunicate on the network?

thanks for the help. 

Amy

------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
kevin@xxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

---
Incoming mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.330 / Virus Database: 184 - Release Date: 2/28/2002
 

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.330 / Virus Database: 184 - Release Date: 2/28/2002
 

------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
amy@xxxxxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')


------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
kevin@xxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

---
Incoming mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.330 / Virus Database: 184 - Release Date: 2/28/2002
 

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.330 / Virus Database: 184 - Release Date: 2/28/2002
 

------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
amy@xxxxxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')


------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
kevin@xxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

---
Incoming mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.330 / Virus Database: 184 - Release Date: 2/28/2002
 

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.330 / Virus Database: 184 - Release Date: 2/28/2002
 

Other related posts:

• » RE: Add Internal DSL Network
• » RE: Add Internal DSL Network
• » RE: Add Internal DSL Network
• » RE: Add Internal DSL Network
• » RE: Add Internal DSL Network
• » RE: Add Internal DSL Network
• » RE: Add Internal DSL Network
• » RE: Add Internal DSL Network
• » RE: Add Internal DSL Network

1. Home
2. isalist
3. Archive
4. 03-2002

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---